Computer Security
[EN] securityvulns.ru no-pyccku


Apache Xerces C++ library
Published:31.08.2009
Source:
SecurityVulns ID:10191
Type:library
Description:Crash on XML parsing.
Affected:APACHE : Xerces C++ 2.7
 APACHE : Xerces C++ 2.8
CVE:CVE-2009-1885 (Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:223 ] xerces-c (31.08.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod